Reimage restores your Windows OS to its original potential, reversing corrupted files without harming personal data. Scanning your hardware and software, providing a full diagnosis, Reimage can then repair any damage, replace missing system files with the new ones from our database and restore compromised settings & registry values to their original default.

eSupport UndeletePlus will recover and restore deleted files and photos on your PC or memory card, even if the files were emptied from the Recycle Bin. Using its' SmartScan technology, eSupport UndeletePlus will "undelete" your precious family vacation photos, favorite songs and videos, lost emails, and even important work documents on your computer. Recover those accidentally deleted files today!

Got PC Troubles? The Windows 7 Guides, vol 1 and vol 2, cover the sometimes confusing task of installing, optimizing, backing-up, and effectively using Windows 7. No matter what your skill level, you'll find that this collection of e-books will save you time and money - and hopefully relieves a good bit of the stress that comes with maintaining your own system.

In the unlikely chance that you’re using Windows gadgets, you need to get rid of them — right now!

Those seemingly innocuous accessory apps that you stick onto your desktop, included with Vista and Windows 7, could be used to subvert your system.

Microsoft’s hot new feature that never was

If you paid any attention to the launch of Windows Vista, you might remember Microsoft hyping a fabulous new feature in the newest and greatest version of Windows yet — the Windows we’d all been waiting for to replace XP. It was a magical new technology known as the Windows Sidebar, a place where you could put really cool mini-apps — gadgets — such as stock tickers, clocks (shown in Figure 1), simple games, and weather guides. (If none of this sounds familiar, you’re easily forgiven.)

As an MS Windows Sidebar and gadgets how to states, gadgets “offer information at a glance and provide easy access to frequently used tools. For example, you can use gadgets to display a picture slide show, view continuously updated headlines, or look up contacts.”

Figure 1. A handful of common Windows gadgets: Clock, Stock Ticker, and System Monitor

Microsoft made it sound as if gadgets were something totally new and different — a feature that would drive power users to upgrade to Vista. But in fact, the new gadgets bore a remarkable resemblance to Konfabulator’s widgets, which were already available to Windows users. (The company was bought out by Yahoo and rebranded in 2005. There’s a fascinating cartoon history of the Konfabulator gadgets — er, widgets — on the old Konfabulator site.) Vista gadgets also looked a lot like Apple’s Dashboard widgets, introduced with OS X Tiger over a year before Vista’s release.

Like widgets, gadgets embodied the trend toward push technology — the ability for outside data sources (such as live stock-market feeds) to continuously stream information onto a PC. Microsoft started experimenting with push techniques in Windows 95 with the Active Desktop, a miserable feature that worked sporadically and often failed without notice. A slimmed-down version of Active Desktop turned into the Vista Sidebar, with the new gadgets acting as the dancing bears. Windows 7 kept gadgets but no longer required the Sidebar stage.

Why gadgets have earned a bad reputation

Gadgets are little snippets of HTML code that work with few rules and no security sandboxing. That’s an open invitation to malicious hackers looking for unguarded entries into Windows.

Although the vulnerability in gadgets has existed for years, two security researchers are shedding some new light on the threat. At next week’s annual hacker gathering in Las Vegas — Black Hat USA 2012 (more info) — Mickey Shkatov and Toby Kohlenberg will deliver their presentation, “We have you by the gadgets.” As is common for Black Hat presentation pre-announcements, there are as yet few details. But Shkatov and Kohlenberg promise, “We will be talking about the Windows gadget platform and what nastiness can be done with it, how are gadgets made, how are they distributed, and, more importantly, their weaknesses. … As a result, there [are] a number of interesting attack vectors that are interesting to explore and take advantage of. We will be talking about our research into creating malicious gadgets, misappropriating legitimate gadgets, and the sorts of flaws we have found in published gadgets.”

Much to their credit, Shkatov and Kohlenberg have been in talks with Microsoft, apparently divulging some of their findings. (The point of Black Hat is to reveal detailed information on how new security exploits work, thus pushing software developers into rapidly patching their code.) I can imagine the security folks at Microsoft saying, “These guys have us nailed.” (Some of the MSRC folks might have said something considerably less printable.) The result is MS Security Advisory 2719662, which states, “Customers who are concerned about vulnerable or malicious gadgets should apply the automated Fix It solution as soon as possible” (more on that below).

Microsoft might have several ulterior motives for dumping gadgets. It’s been quietly phasing them out for some time now, and it finally shuttered the doors on the Gadget Gallery several weeks ago. There are rumors that Microsoft has yanked gadget support from the final version of Windows 8 (although gadgets still run just fine in the current Win8 Release Preview). But as is plainly stated in what’s left of the Gadget Gallery page, Microsoft wants to push you in the direction of Windows 8 Metro — where you’ll find a similar experience, but tied to an infinitely better infrastructure.

Whatever Microsoft’s intentions, there’s no doubt that Shkatov and Kohlenberg have discovered a security breach that should curl your PC’s toes.

At this time, it’s not clear whether the vulnerability is within the gadgets themselves or is associated with the Sidebar. (In Windows 7, you can run gadgets with or without the Sidebar.) MS Security Advisory 2719662 suggests both. I suppose we’ll find out next Thursday, but for now I think you need to kiss those clocks and stock tickers good-bye.

What you need to do before next Thursday

Fortunately, disabling gadgets and the Sidebar is pretty easy. Microsoft invented a poison pill, disguised as a fixit in MS Support article 2719962. You’ll find two Fix it buttons halfway down the page: one to disable the Sidebar and gadgets, and another to enable them (which might be useful if Microsoft provides an actual patch for the vulnerability).

Clicking the fixit button downloads a file, which you then need to run. You can protect other PCs by just copying that file onto a USB drive and running it on any other Vista or Windows 7 machine.

Do it now, while you’re thinking about it. The fixit doesn’t take much time, but a system reboot is required to enable it. Warn your friends: this could turn into something nasty very quickly.

Kill those Vista and Win7 gadgets now!

Feedback welcome: Have a question or comment about this story? Post your thoughts, praise, or constructive criticisms in the WS Columns forum.

Lounge member StickBoy is irked by Windows 7 popups that pause the action when he tries to open files.

He thinks he’s being treated like an idiot who doesn’t know his own mind or can’t trust his own experience. He wants to disable the notifications. His exasperation sets off a discussion in the Windows 7 forum regarding the various pros and cons of warning messages. More.

The following links are this week’s most interesting Lounge threads, including several new questions that you may be able to provide responses to:

If you’re not already a Lounge member, use the quick registration form to sign up for free. The ability to post comments and take advantage of other Lounge features is available only to registered members.

If you’re already registered, you can jump right in to today’s discussions in the Lounge.

The Lounge Life column is a digest of the best of the WS Lounge discussion board. Kathleen Atkins is Associate Editor of Windows Secrets.

The open-source GNU Image Manipulation Program can do just about anything the expensive, full-blown versions of Photoshop can do.

GIMP can save you hundreds of dollars — but it can also be difficult to master. Here’s help.

Seeking assistance learning and using GIMP

Reader JR picked up on a side comment in a recent column:

“Fred, I saw that you like using GIMP for your photo-editing work. Could you comment some day on available educational material on using GIMP? I use it all the time, but I know I’m using only five percent of its features.”

Yes, the GNU Image Manipulation Program (aka GIMP) is a beast.

You can do just about anything in GIMP that you can do in Adobe’s Photoshop. But while the current, full-CS6 version of Photoshop costs over U.S. $600, GIMP is completely free.

In truth, neither of these two photo-editing powerhouses is easy to master. Photoshop is so complex that Adobe spun off a lite version — Photoshop Elements — that’s about one-tenth the cost of Photoshop C6. Elements is aimed at casual users who want just basic editing and manipulation tools.

This week, Microsoft made Office 2013 Consumer Preview available to the masses.

This new software still has a long way to go to achieve reliability, but you can test the tools, play with the new touch interface, and generally get a feel for this new release. Here are a few highlights.

It’s in the Cloud — whether you like it or not

Download Office 2013 Consumer Preview, and you might be surprised when the process asks you to sign up for Office 365. I was both surprised and suspicious. At first, I thought Microsoft had its links mixed up. I thought, “No, I want the beta download, not another link to Office 365.”

And then I watched Microsoft’s recent webcast of Office 2013 developments. In that presentation, Microsoft CEO Steve Ballmer stated that signing up for an Office 365 preview account is part of the process of installing Office 2013. He went on to say that users will have the option of purchasing Office 2013 software and installing it on their PCs. And then he added: “… at least for now.”

Really? Do we really need — or even want — to move everything to the Cloud? Are we going to end up renting Office in the future?

Chances are you’ve heard about Office 365, Microsoft’s foray into Cloud-based services. Office 365 is compelling to some users because it offers a suite of services for communications, document sharing, and even Web hosting — along with access to Microsoft Office — all online, and all for just U.S. $6 per month per user for some subscription types. Office 365 users don’t have to install Office on their desktop PCs or tablets; they can just access it in the Cloud, and Microsoft takes care of updating the software and keeping things running.

But not everyone is ready to have their applications and data sitting in the Cloud. What about those times when you need to work offline? It’s likely that the majority of PC users still want to keep things mostly local, residing on our PCs.

120,000 global points — a snapshot of AV use

OPSWAT, a computer-services company, recently released its quarterly antivirus-software market-share report, which — among other things — shows the current adoption rate for various AV products, both free and paid. In addition to information services, the company offers several free, personal-use applications, including a malware scanner, an application remover, and a Web-browsing anonymizer. The company claims a world-wide clientele.

To produce the report, OPSWAT analyzed data sent to it by its AppRemover software (more info) — a utility having one function: to completely remove an installed security app so you can cleanly install another one. (According to OPSWAT, AppRemover is widely installed on PC systems. If users opted in, the software compiled a list of apps installed on a system.) OPSWAT states that it collected over 120,000 data points between May 16, 2011, and May 15, 2012. The report compares market-share changes between two six-month periods, and it summarizes AV usage both worldwide and in North America.

The report is biased toward those who downloaded AppRemover and also selected that they wanted their data shared — admittedly a small group. Nevertheless, I think it’s a valid sampling of AV products in use today.

What’s more interesting is comparing OPSWAT’s conclusions with test results from two leading, independent AV-testing labs — AV-Test and AV-Comparatives. That analysis suggests that the most popular anti-malware app isn’t necessarily the most effective and that free almost always trumps paid.

And the AV market-share winner is …

As of May 2012, Avast Free Antiirus was the leading AV product worldwide, with a market share of 13.5 percent, according to OPSWAT. Microsoft Security Essentials (MSE) followed closely with 13 percent. Market share then dropped to 8.3 percent for ESET NOD32 Antivirus, 7.5 percent for Avira Free Antivirus, and 6.8 percent for AVG Anti-Virus Free Edition.

WS contributing editor Robert Vamosi CISSP, was senior editor of CNET.com from 1999 to 2008 and winner of the 2005 MAGGIE Award for best regularly featured Web column for consumers. He is the author of When Gadgets Betray Us (Basic Books 2011)

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last week of December. Windows Secrets is a continuation of four merged publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com. All other marks are the trademarks or service marks of their respective owners.

HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our
free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside
party, ever.
2. We will never send you any unrequested e-mail, besides
newsletter updates.
3. All unsubscribe requests are honored immediately, period.
Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe
from the Windows Secrets Newsletter,

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of iNET Interactive. All other marks are the trademarks or service marks of their respective owners.